Skip to main content

Required Jamf Pro Account Permissions

info
[CHECK THIS: NEED TO ADD THIS SECTION FOR CONFIGMGR, SCCM2012, ALTIRIS, AIRWATCH, MOBILE IRON, ServiceNow, BMC Remedy, Orchestrator, WFM. SHOULD IT BE IN GETTING STARTED CHAPTER? OR SITE MGMT CHAPTER?]

In order for App Portal to be successfully integrated with Jamf Pro, your Jamf Pro account needs to have a specific set of minimum permissions. To define permissions on your Jamf Pro account, perform the following steps:

To set required permissions on your Jamf Pro account:

  1. Launch Jamf Pro and login using your Jamf Pro account.
  2. On the Jamf Pro home page, click the Settings “gear” icon at the top right:
    • The System Settings tab opens.
  3. Click Jamf Pro User Accounts & Groups . The Jamf Pro User Accounts & Groups page opens.
  4. Click on the name of your Jamf Pro account. The Account tab of the account settings page opens.
    • In some versions of Jamf Pro, the Access Status field may be named Access Level . If so, set Access Level to Full Access .

info

If your Jamf Pro system account does not have Administrator privileges, then App Portal will be unable to integrate with Jamf Pro.

  1. Open the Privileges tab. The Jamf Pro Server Objects subtab of the Privileges tab opens.
  2. On the Jamf Pro Server Objects subtab, click Edit and make sure that the following permissions are selected:
ObjectPermission
CategoriesCreate (optional) Read Update (optional)
ComputersRead
File Share Distribution PointsRead
PackagesRead
PoliciesCreate Read Update
Static Computer GroupCreate Read Update
  • The table below lists the minimum permissions required for the user account in Jamf Pro to integrate with or execute different functionalities within App Portal / App Broker.
ActionPurposePermission
Test ButtonCheck existence of category, policy template, and computer group templateREAD Categories, READ Policies, READ Static Computer Groups (OPTIONAL: CREATE Categories to create category if category does not already exist)
Data SyncRetrieve device information and user associationsREAD Computers
Software DeploymentAllow creation of software catalog items for Mac devices and automatic delivery of that software upon requestREAD Categories, READ Computers, READ File Share Distribution Points, READ Packages, CREATE/READ/UPDATE Policies, CREATE/READ/UPDATE Static Computer Groups
  1. When you are finished selecting permissions, click Save .

  2. Open the Jamf Pro Server Settings subtab.

  3. Click Edit and make sure that Read is selected for Activation Code .

  4. When you are finished selecting permissions, click Save .

  5. When you are finished selecting permissions, click Save .

  6. Open the Jamf Pro Server Settings subtab.

  7. Click Edit and make sure that Read is selected for Activation Code .

  8. When you are finished selecting permissions, click Save .

See Also

Entering Jamf Pro Settings at Initial Start Up

API Calls Used by App Portal to Integrate with Jamf Pro

Jamf Pro Tab

Enabling the “Create Uninstall Policy” Option for a Jamf Pro Package